<?php 
	require_once("connector.php");
	require_once("baseobj.php");
	
	class Session extends BaseObj {
		public $UserId = 0;
		public $SID = "";
		public $Active = 1;
		public static $Select = "SELECT SID, USERID, to_char(CREATED,'MM/DD/YYYY HH24:MI') CREATED, ACTIVE, to_char(MODIFIED,'MM/DD/YYYY HH24:MI') MODIFIED FROM Sessions";
		
		public static function create($userId) {
			$conn = createConn();
			//attempt to find existing session for the user
			$sql = Session::$Select." WHERE UserId = :userId AND Active = 1";
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':userId', $userId);
			$cnt = oci_execute($stmt);
			$sid = null;
			if($cnt > 0){
				$row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS);
				$sid = $row["SID"];
				echo "SID: ".$sid;
			}
			oci_free_statement($stmt);			
			oci_close($conn);
			
			if($sid == null) {
				$conn = createConn();
				//no existing session was found so create one
				$sql = "INSERT INTO Sessions (SID, UserId) VALUES (:sid, :userId)";
				$stmt = oci_parse($conn, $sql);			
				$sid = Session::GUID();
				oci_bind_by_name($stmt, ':sid', $sid);
				oci_bind_by_name($stmt, ':userId', $userId);
				oci_execute($stmt);
				$u = new Session();
				$u->UserId = $userId;
				$u->SID = $sid;
				oci_free_statement($stmt);
				oci_close($conn);
			}
			else {
				$u = Session::get($sid);
			}
			
			return $u;
		}
	
		public static function get($sid) { 
			$sql = Session::$Select." WHERE SID = :sid";
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':sid', $sid);

			$cnt = oci_execute($stmt);
			$u = null;
			if($cnt > 0) {				
				$row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS);				
				$u = new Session();
				$u->load($row);
			}			
			oci_free_statement($stmt);
			oci_close($conn);
			
			return $u;
		}
		
		public static function getFromURL(){
			$sid = null;
			$session = null;
			if(isset($_GET["sid"])){ 
				$sid = $_GET["sid"];
				$session = Session::get($sid);
			}
			return $session;
		}
		
		public static function GUID() {
			if (function_exists('com_create_guid') === true){
				return trim(com_create_guid(), '{}');
			}
			return sprintf('%04X%04X-%04X-%04X-%04X-%04X%04X%04X', mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(16384, 20479), mt_rand(32768, 49151), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535));
		}
		
		public function isAlive() {
			//get current datetime
			$n = new DateTime();
			//subtract 30 minutes from current datetime
			$x = $n->sub(new DateInterval("P0Y0M0DT0H30M0S"));
			//if the session has been modified in the last 30 minutes it is alive
			$a = $this->Modified > $x;
			return ($this->Active == 1 && $a);
		} 
		
		public static function modified($sid) {
			$sql = "UPDATE Sessions SET Modified = sysdate WHERE SID = :sid";
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':sid', $sid);
			oci_execute($stmt);
			oci_free_statement($stmt);
			oci_close($conn);
		}
		
		public function load($row) { 
			$this->UserId = $row["USERID"];
			$this->SID = $row["SID"];
			$this->Created = new DateTime($row["CREATED"]);
			$this->Modified = new DateTime($row["MODIFIED"]);
			$this->Active = $row["ACTIVE"];
		}
		
		public function logout(){
			$sql = "UPDATE Sessions 
					SET Active = 0
					WHERE SID = :sid";
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':sid', $this->SID);
			oci_execute($stmt);			
			oci_free_statement($stmt);
			oci_close($conn);
		}
	}
?>